84f85aa0fabab28188ef47f730fac55eabf841ce65f657155ba5efd5274a5ac9 | Triage

Sharing

General

Target

84f85aa0fabab28188ef47f730fac55eabf841ce65f657155ba5efd5274a5ac9
Size

66KB
Sample

221123-q324rsfe77
MD5

bff6f8174edd06b7c02a8a34d3cf3e91
SHA1

b6372ce38eed5cace0a43148e38ad5590a4602f2
SHA256

84f85aa0fabab28188ef47f730fac55eabf841ce65f657155ba5efd5274a5ac9
SHA512

ef66228c16c64e47da4c77002b5ea453da4f4ac1529f93a0c5a17ac308aa0c671e04bd59d11dbe71e5327ba72bc1e09550663dc1efdf661a2bab2788bdee19bf
SSDEEP

1536:R1s9gsCIJb36uzOW9J3qsHdlwcIxulEbgVD+Gt8QcEG:rUpxOuzxCsHn0uaocQP

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  84f85aa0fabab28188ef47f730fac55eabf841ce65f657155ba5efd5274a5ac9
- Size
  
  66KB
- MD5
  
  bff6f8174edd06b7c02a8a34d3cf3e91
- SHA1
  
  b6372ce38eed5cace0a43148e38ad5590a4602f2
- SHA256
  
  84f85aa0fabab28188ef47f730fac55eabf841ce65f657155ba5efd5274a5ac9
- SHA512
  
  ef66228c16c64e47da4c77002b5ea453da4f4ac1529f93a0c5a17ac308aa0c671e04bd59d11dbe71e5327ba72bc1e09550663dc1efdf661a2bab2788bdee19bf
- SSDEEP
  
  1536:R1s9gsCIJb36uzOW9J3qsHdlwcIxulEbgVD+Gt8QcEG:rUpxOuzxCsHn0uaocQP
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2